PNArchives/Memoh
1
0
Fork 0
mirror of https://github.com/memohai/Memoh.git synced 2026-04-27 07:16:19 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
632fd1fe9fcff113ee4e9ca192bdac760fea11e7
Memoh/internal/handlers/contacts.go
T
BBQ 5a35ef34ac feat: channel gateway implementation and multi-bot refactor 
- Refactor channel manager with support for Sender/Receiver interfaces and hot-swappable adapters.
- Implement identity routing and pre-authentication logic for inbound messages.
- Update database schema to support bot pre-auth keys and extended channel session metadata.
- Add Telegram and Feishu channel configuration and adapter enhancements.
- Update Swagger documentation and internal handlers for channel management.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-06 14:41:54 +08:00

184 lines
5.5 KiB
Go
Raw Blame History

package handlers
import (
"context"
"errors"
"net/http"
"strings"
"github.com/labstack/echo/v4"
"github.com/memohai/memoh/internal/auth"
"github.com/memohai/memoh/internal/bots"
"github.com/memohai/memoh/internal/contacts"
"github.com/memohai/memoh/internal/identity"
"github.com/memohai/memoh/internal/users"
)
type ContactsHandler struct {
service *contacts.Service
botService *bots.Service
userService *users.Service
}
func NewContactsHandler(service *contacts.Service, botService *bots.Service, userService *users.Service) *ContactsHandler {
return &ContactsHandler{
service: service,
botService: botService,
userService: userService,
}
}
func (h *ContactsHandler) Register(e *echo.Echo) {
group := e.Group("/bots/:bot_id/contacts")
group.GET("", h.List)
group.GET("/:id", h.Get)
group.POST("", h.Create)
group.PATCH("/:id", h.Update)
}
func (h *ContactsHandler) List(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
query := strings.TrimSpace(c.QueryParam("q"))
items, err := h.service.Search(c.Request().Context(), botID, query)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.JSON(http.StatusOK, map[string]any{"items": items})
}
func (h *ContactsHandler) Get(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
id := strings.TrimSpace(c.Param("id"))
if id == "" {
return echo.NewHTTPError(http.StatusBadRequest, "contact id is required")
}
item, err := h.service.GetByID(c.Request().Context(), id)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.JSON(http.StatusOK, item)
}
func (h *ContactsHandler) Create(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
var req contacts.CreateRequest
if err := c.Bind(&req); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
}
req.BotID = botID
item, err := h.service.Create(c.Request().Context(), req)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.JSON(http.StatusOK, item)
}
func (h *ContactsHandler) Update(c echo.Context) error {
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
id := strings.TrimSpace(c.Param("id"))
if id == "" {
return echo.NewHTTPError(http.StatusBadRequest, "contact id is required")
}
var req contacts.UpdateRequest
if err := c.Bind(&req); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
}
userID, err := h.requireUserID(c)
if err == nil {
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
item, err := h.service.Update(c.Request().Context(), id, req)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.JSON(http.StatusOK, item)
}
sessionToken, tokenErr := auth.SessionTokenFromContext(c)
if tokenErr != nil {
return err
}
if sessionToken.BotID != botID {
return echo.NewHTTPError(http.StatusForbidden, "session token mismatch")
}
if strings.TrimSpace(sessionToken.ContactID) == "" || sessionToken.ContactID != id {
return echo.NewHTTPError(http.StatusForbidden, "contact mismatch")
}
if req.Tags != nil || req.Status != nil {
return echo.NewHTTPError(http.StatusForbidden, "session token cannot update tags or status")
}
item, err := h.service.Update(c.Request().Context(), id, req)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.JSON(http.StatusOK, item)
}
func (h *ContactsHandler) requireUserID(c echo.Context) (string, error) {
userID, err := auth.UserIDFromContext(c)
if err != nil {
return "", err
}
if err := identity.ValidateUserID(userID); err != nil {
return "", echo.NewHTTPError(http.StatusBadRequest, err.Error())
}
return userID, nil
}
func (h *ContactsHandler) authorizeBotAccess(ctx context.Context, actorID, botID string) (bots.Bot, error) {
if h.botService == nil || h.userService == nil {
return bots.Bot{}, echo.NewHTTPError(http.StatusInternalServerError, "bot services not configured")
}
isAdmin, err := h.userService.IsAdmin(ctx, actorID)
if err != nil {
return bots.Bot{}, echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
bot, err := h.botService.AuthorizeAccess(ctx, actorID, botID, isAdmin, bots.AccessPolicy{AllowPublicMember: false})
if err != nil {
if errors.Is(err, bots.ErrBotNotFound) {
return bots.Bot{}, echo.NewHTTPError(http.StatusNotFound, "bot not found")
}
if errors.Is(err, bots.ErrBotAccessDenied) {
return bots.Bot{}, echo.NewHTTPError(http.StatusForbidden, "bot access denied")
}
return bots.Bot{}, echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return bot, nil
}
Reference in New Issue View Git Blame Copy Permalink